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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . This communication is responsive to 05/05/2009 . 

2. ^ The allowed claim(s) is/are 1-6 and 8-22 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) □ All b)DSome* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1 ) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1. 84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 

1 . □ Notice of References Cited (PTO-892) 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. □ Information Disclosure Statements (PTO/SB/08), 

Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 



5. □ Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 

Paper No./Mail Date . 

7. ^ Examiner's Amendment/Comment 

8. ^ Examiner's Statement of Reasons for Allowance 

9. □ Other . 
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EXAMINER'S AMENDMENT 

An Examiner's Amendment to the record appears below. Should the changes and/or additions 
be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To 
ensure consideration of such an amendment, it must be submitted no later than the payment of 
the issue fee. 

Authorization for this Examiner's Amendment was given in a telephone interview with Leila R. 
Abdi on 08/07/09. 

Please amend claims 1, 1 1 & 22 and cancel claim 7. 



Listing of Claims 

1 . (Currently Amended) A computer network comprising: 

a multiport network device to receive data packets to be transmitted using the computer 
network, the network device storing one or more authorized network descriptors; and 

a computer executing a software application, the software application generating data 
packets to be transmitted to the computer network through the network device, the software 
application registering a network rights descriptor with the network device, the software 
application inserting the network rights descriptor in each generated data packet; 
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wherein the network device is configured to discard the data packet if the local network 
rights descriptor in the data packet does not match an authorized local network rights descriptor, 
to determine whether the local network rights descriptor should be stripped from the data packet 
if the local network rights descriptor in the data packet matches an authorized network rights 
descriptor, and to process the data packet after the determination^ wherein the network rights 
descriptor comprises an application rights descriptor, a content rights descriptor, and an 
enterprise rights descriptor, wherein the application rights descriptor is used to include 
information regarding a software application, device, or network appliance generating the data 



7. (Cancelled). 

1 1 . (Currently Amended) A computer network comprising: 

a first multiport network device to receive data packets to be transmitted using the 
computer network, the first network device inserting a local network descriptor in each data 
packet transmitted by the first network device; 

a second network device to receive data packets from the computer network, the 
second network device storing one or more authorized local network descriptors; 

wherein the second network device is configured to discard the data packet if the local 
network descriptor in the data packet does not match an authorized local network descriptor, and 
to determine whether the local network descriptor should be stripped from the data packet if the 
local network descriptor in the data packet matches an authorized local network descriptor, and 
to process the data packet after the determinatio n, wherein the network rights descriptor 



jacket . 
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comprises an application rights descriptor, a content rights descriptor, and an enterprise rights 
descriptor, wherein the application rights descriptor is used to include information regarding a 
software application, device, or network appliance generating the data packet. 

22. ( Currently Amended ) A method for processing data packets in a computer network, 
comprising: 

storing one or more authorized network descriptors at a multiport network device; 

generating data packets at a software application, the data packets to be transmitted to the 
computer network through the network device; 

inserting a network rights descriptor in each generated data packet with the software 
application; 

receiving input at the network device identifying the network rights descriptor as an 
authorized network rights descriptor; 

receiving a data packet at the network device, the data packet including information from 
one or more of Layers 2 through 7 of the OSI model; 

if the network rights descriptor in the data packet matches an authorized network rights 
descriptor, processing the data packet at the network device; and 

if the network rights descriptor in the data packet does not match an authorized network 
rights descriptor, discarding the data packet , wherein the network rights descriptor comprises an 
application rights descriptor, a content rights descriptor, and an enterprise rights descriptor, 
wherein the application rights descriptor is used to include information regarding a software 
application, device, or network appliance generating the data packet . 
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Reasons for Allowance 

1 . Claims 1 -6 and 8-22 will be allowed. 

2. The following is an examiner's statement of reasons for allowance. 

The prior art references most closely resembling the applicant's claimed invention are 
Merchant (6,732,184) et al and Moriconi (U.S. 6,941,472). 

First Merhcant disclosed a switching system includes a multiport module having an 
address table for storing network addresses, and host processor configured for selectively 
swapping the stored network addresses in the address table to an internal memory that serves as 
an overflow address table for the multiport switch module. Merchant failed to disclose "whether 
the local network descriptor should be stripped from the data packet if the local network 
descriptor in the data packet matches an authorized local network descriptor, and to process the 
data packet after the determination, wherein the network rights descriptor comprises an 
application rights descriptor, a content rights descriptor, and an enterprise rights descriptor, 
wherein the application rights descriptor is used to include information regarding a software 
application, device, or network appliance generating the data packet" (claims 1,1 1,22). 

Second Moriconi disclosed a system and method for maintaining security in a distributed 
computing environment comprises a policy manager located on a server for managing and 
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distributing a security policy, and an application guard located on a client for managing access to 
securable components as specified by the security policy. However Moriconi failed to disclose 
"whether the local network descriptor should be stripped from the data packet if the local 
network descriptor in the data packet matches an authorized local network descriptor, and to 
process the data packet after the determination, wherein the network rights descriptor comprises 
an application rights descriptor, a content rights descriptor, and an enterprise rights descriptor, 
wherein the application rights descriptor is used to include information regarding a software 
application, device, or network appliance generating the data packet" (claims 1,1 1,22). 

In summary, the Examiner submits that neither Merchant nor Moriconi teaches all the limitations 
of independent claims in combination with other elements. Specifically prior art does not teach 
"whether the local network descriptor should be stripped from the data packet if the local 
network descriptor in the data packet matches an authorized local network descriptor, and to 
process the data packet after the determination, wherein the network rights descriptor comprises 
an application rights descriptor, a content rights descriptor, and an enterprise rights descriptor, 
wherein the application rights descriptor is used to include information regarding a software 
application, device, or network appliance generating the data packet"; therefore, claims 1-6, 8-22 
have been deemed allowable over the prior art. 

Any comments considered necessary by applicant must be submitted no later than the payment 
of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such 
submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." 
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Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Adnan Mirza whose telephone number is (571) 272-3885. The examiner 
can normally be reached on Monday through Friday from 9:30 A.M. to 6:30 P.M. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor Vivek Srivastava can be reached on (571)-272-7304. The fax phone numbers for the 
organization where this application or proceeding is assigned are listed herein below. 
Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for un published 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at (866)-2 17-9 197 (toll-free). 
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Supervisory Patent Examiner, Art Unit 2445 



